Using Representational State Transfer (rest) for Consent Management

PublishedFebruary 7, 2017

Assigneenot available in USPTO data we have

InventorsAjay Sondhi Ching-Wen Chu Beomsuk Kim Ravi Hingarajiya

Technical Abstract

Patent Claims

20 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A method comprising: sending, from an application executing on a device associated with a user, through a Representational State Transfer (REST)-based interface, to an authorization computer system, a request for permission to access a scope of information associated with the user; based on authentication of the user associated with the device, receiving, at the device associated with the user, through the REST-based interface, from the authorization computer system, a request for consent by the user to allow the application to access information that is within the scope of information associated with the user; and responsive to the device receiving consent from the user, sending, from the device associated with the user, through the REST-based interface, to the authorization computer system, information indicating the consent to allow the application to access the information, wherein the authorization computer system stores a mapping between the application and the scope of information.

2. The computer-implemented method of claim 1 , further comprising: receiving, at the device, from the authorization computer system, through the REST-based interface, a request for an authentication credential associated with the user.

3. The method of claim 2 , further comprising: sending, from the device, the authentication credential to the authorization computer system through the REST-based interface, wherein the authorization computer system, determines the authentication of the user based on the authentication credential.

4. The computer-implemented method of claim 1 , further comprising: sending, from the application on the device, through the REST-based interface, to the authorization computer system, a request for permission to access new information within the scope of information; and receiving, at the device, through the REST-based interface, from the authorization computer system, a response providing the permission to access the new information, wherein the permission to access the new information is determined based on identifying the mapping between the application and the scope of information.

5. The computer-implemented method of claim 1 , wherein communication between the device and the authorization computer system occurs through the REST-based interface without involving a Hypertext Transfer Protocol (HTTP) redirect operation.

6. The computer-implemented method of claim 1 , further comprising: sending, from the application, through the REST-based interface, to the authorization computer system, a request to revoke the consent, wherein revoking the consent includes deleting the mapping stored by the authorization computer system.

7. A machine-readable memory comprising instructions which, when executed by one or more processors, cause the one or more processors to perform operations comprising: sending, from an application executing on a device associated with a user, through a Representational State Transfer (REST)-based interface, to an authorization computer system, a request for permission to access a scope of information associated with the user; based on authentication of the user associated with the device, receiving, at the device associated with the user, through the REST-based interface, from the authorization computer system, a request for consent by the user to allow the application to access information that is within the scope of information associated with the user; and responsive to the device receiving consent from the user, sending, from the device associated with the user, through the REST-based interface, to the authorization computer system, information indicating the consent to allow the application to access the information, wherein the authorization computer system stores a mapping between the application and the scope of information.

8. The machine-readable memory of claim 7 , wherein the instructions, when executed by the one or more processors, cause the one or more processors to perform: receiving, at the device, from the authorization computer system, through the REST-based interface, a request for an authentication credential associated with the user.

9. The machine-readable memory of claim 8 , wherein the instructions, when executed by the one or more processors, cause the one or more processors to perform: sending, from the device, the authentication credential to the authorization computer system through the REST-based interface, wherein the authorization computer system, determines authentication of the user based on the authentication credential.

10. The machine-readable memory of claim 7 , wherein the instructions, when executed by the one or more processors, cause the one or more processors to perform: sending, from the application on the device, through the Representational State Transfer (REST)-based interface, to the authorization computer system, a request for permission to access new information within the scope of information; and receiving, at the device, through the REST-based interface, from the authorization computer system, a response providing the permission to access the new information, wherein the permission to access the new information is determined based on identifying the mapping between the application and the scope of information.

11. A system comprising: one or more hardware processors; and a memory storing a plurality of instructions, the plurality of instructions, when executed by the one or more hardware processors, causes the one or more hardware processors to: send, from an application executing on a device associated with a user, through a Representational State Transfer (REST)-based interface, to an authorization computer system, a request for permission to access a scope of information associated with the user; based on authentication of the user associated with the device, receive, at the device associated with the user, through the REST-based interface, from the authorization computer system, a request for consent by the user to allow the application to access information that is within the scope of information associated with the user; and responsive to the device receiving consent from the user, send, from the device associated with the user, through the REST-based interface, to the authorization computer system, information indicating the consent to allow the application to access the information, wherein the authorization computer system stores a mapping between the application and the scope of information.

12. The system of claim 11 , wherein the plurality of instructions, when executed by the one or more hardware processors, further causes the one or more hardware processors to: send, from the device, an authentication credential to the authorization computer system through the REST-based interface, wherein the authorization computer system, determines authentication of the user based on the authentication credential.

13. The system of claim 12 , wherein the plurality of instructions further configure the one or more hardware processors to: send, from the application on the device, through the Representational State Transfer (REST)-based interface, to the authorization computer system, a request for permission to access new information within the scope of information; and receive, at the device, through the REST-based interface, from the authorization computer system, a response providing the permission to access the new information, wherein the permission to access the new information is determined based on identifying the mapping between the application and the scope of information.

14. The system of claim 11 , wherein communication between the device and the authorization computer system occurs through the REST-based interface without involving a Hypertext Transfer Protocol (HTTP) redirect operation.

15. The system of claim 11 , wherein the plurality of instructions further configure the one or more hardware processors to: send, from the application, through the REST-based interface, to the authorization computer system, a request to revoke the consent, wherein revoking the consent includes deleting the mapping stored at the authorization computer system.

16. The system of claim 11 , wherein the request for consent is received by the application on the device, and wherein the consent is sent by the application on the device.

17. The system of claim 11 , wherein communication through the REST-based interface does not involve an HTML-based redirect.

18. The system of claim 11 , wherein the plurality of instructions further configure the one or more hardware processors to: render a user interface on a display of the device, the user interface displaying one or more commands associated with communication between the device and the authorization computer system occurring through the REST-based interface.

19. The system of claim 18 , wherein communication associated with the one or more commands, through the REST-based interface, does not involve an HTML-based redirect.

20. The system of claim 11 , wherein the plurality of instructions further configure the one or more hardware processors to: send, from the device, through the REST-based interface, to the authorization computer system, a request for a list of mappings; receiving, by the device, through the REST-based interface, from the authorization computer system, the list of mappings, wherein the list of mappings includes the mapping.

Patent Metadata

Filing Date

Unknown

Publication Date

February 7, 2017

Inventors

Ajay Sondhi

Ching-Wen Chu

Beomsuk Kim

Ravi Hingarajiya

Want to explore more patents?

Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.

Browse All Patents Try Prior Art Search